01-08-2015 05:28 AM
we want to connect a RAP-109 over the internet to a mobility controller 3600 with ipsec VPN. The configuration in the RAP is very simple, but we are not about sure about the configuration in the 3600 controller.
At this time we have an ipsec connect between our two 3600 controllers and don't want to impact the business.
Any ideas how to config the controllers without disturbing the controller ipsec tunnel?
01-08-2015 05:47 AM
The RAP VRD provides step-by-step for setting up and provisioning remote APs.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
01-08-2015 05:58 AM
You need to do a couple of things:
- Create an "address pools" for the RAP to get an internal controller IP address
- Add the wired mac address of the RAP in the RAP whitelist
- You need to create an AP-Group that has the public IP address that the RAP will use to reach the controller (Make sure that you allow UDP/4500 for that IP address on your firewall for incoming traffic coming from the internet)
You need add the public IP address in the provisioning profile (Master IP)
- If your RAP109 is up and running you should see the "instant" SSID connect to it, open your browser and type "instant.arubanetworks.com" , then go to the Maintenance tab >Convert and use the following option and type the public IP address that the controller should be reached from the remote location
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA